diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2015-06-20 18:45:25 -0400 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2015-06-20 18:45:25 -0400 |
commit | 6842afbf4498198766bf4ff6300a5f267fcbd361 (patch) | |
tree | f653edb67a38ace304f8ed81ef0962a13affe3df | |
parent | ea1eec8ea88ade9137cdb6db422d00b273daef03 (diff) |
INSTALL: Advise use of non-native SSL for Windows <= XP
Advise that WinSSL in versions <= XP will not be able to connect to
servers that no longer support the legacy handshakes and algorithms used
by those versions, and to use an alternate backend like OpenSSL instead.
Bug: https://github.com/bagder/curl/issues/253
Reported-by: zenden2k <zenden2k@gmail.com>
-rw-r--r-- | docs/INSTALL | 9 | ||||
-rw-r--r-- | projects/README | 9 | ||||
-rw-r--r-- | winbuild/BUILD.WINDOWS.txt | 13 |
3 files changed, 29 insertions, 2 deletions
diff --git a/docs/INSTALL b/docs/INSTALL index 457031884..e7a929bf6 100644 --- a/docs/INSTALL +++ b/docs/INSTALL @@ -471,6 +471,15 @@ Win32 add '-DCURL_STATICLIB' to your CFLAGS. Otherwise the linker will look for dynamic import symbols. + Legacy Windows and SSL + ---------------------- + WinSSL (Windows SSPI, more specifically Schannel), is the native SSL library + that comes with the Windows OS. WinSSL in Windows <= XP is not able to + connect to servers that no longer support the legacy handshakes and + algorithms used by those versions. If you will be using curl in one of those + earlier versions of Windows you should choose another SSL backend like + OpenSSL. + Apple iOS and Mac OS X ====================== diff --git a/projects/README b/projects/README index b45d78397..27095380a 100644 --- a/projects/README +++ b/projects/README @@ -110,6 +110,15 @@ Notes stored in the git repositoty) will need to be modified rather than the generated project files that Visual Studio uses. +Legacy Windows and SSL +====================== +Some of the project configurations use as an SSL backend WinSSL (Windows SSPI, +more specifically Schannel), the native SSL library that comes with the Windows +OS. WinSSL in Windows <= XP is not able to connect to servers that no longer +support the legacy handshakes and algorithms used by those versions. If you +will be using curl in one of those earlier versions of Windows you should +choose another SSL backend like OpenSSL. + TODO ==== diff --git a/winbuild/BUILD.WINDOWS.txt b/winbuild/BUILD.WINDOWS.txt index 600f73746..ed19e56c0 100644 --- a/winbuild/BUILD.WINDOWS.txt +++ b/winbuild/BUILD.WINDOWS.txt @@ -1,5 +1,5 @@ -Building with Visual C++, prerequises
-=====================================
+Building with Visual C++, prerequisites
+=======================================
This document describes how to compile, build and install curl and libcurl
from sources using the Visual C++ build tool. To build with VC++, you will
@@ -87,3 +87,12 @@ therefore rarely tested. When passing RTLIBCFG for a configuration that was already built but not with that option, or if the option was specified
differently, you must destroy the build directory containing the configuration
so that nmake can build it from scratch.
+
+Legacy Windows and SSL
+======================
+When you build curl using the build files in this directory the default SSL
+backend will be WinSSL (Windows SSPI, more specifically Schannel), the native
+SSL library that comes with the Windows OS. WinSSL in Windows <= XP is not able
+to connect to servers that no longer support the legacy handshakes and
+algorithms used by those versions. If you will be using curl in one of those
+earlier versions of Windows you should choose another SSL backend like OpenSSL.
|